SUMMARY:

• Over 9 year experience as SAP NetWeaver Security Analyst/Consultant
• Thoroughly experienced in all phases of a project lifecycle beginning with the business blueprint to production support
• Solid background across several industry verticals, including Financial institution, IT services, Consumer products, Telecom and Manufacturing
• Excellent experience in requirements gathering, design, development and maintenance of SAP applications security
• Solid experience in SAP R3,ECC 6.0, Solution Manager, chaRM, SAP ERP, SAP GRC; Access Control, SAP Netweaver, and Portal.
• Extensive experience in Security and Authorization for performing User Administration, role development and in resolving all kinds of security issues
• Participated in several project implementations
• Interfaced widely with Clients to gain insight and develop solutions to meet customer business needs across SAP landscape. Good team player with great communication skills
• Good understanding working with both Internal and External Auditors and resolving Auditor s Security gap report
• Performing periodic SAP role reviews to affirm adherence with security guidelines and policies
• Extensive experience in developing, copying, creating and designing customized roles, single roles, composite roles and derived roles to suit company needs in different modules such as FI, CO, HCM,CRM, SD, SRM, SD and BI
• Thorough understanding of Transport Management System (TMS), Audit Information System (AIS) and User Administration
• Knowledge and hands - on experience with Windows 98, Windows NT, Windows 2000, Windows XP, Vista, Windows 2003 Server and MS Office suites
• Good understanding of MS SQL (2000 and 2003)
• Highly proficient in producing and analysing reports in SAP system landscape
• Experience in adhering to and maintaining the Change Management Process for transporting changes in tables and security objects with the use of chaRM to manage and keep track of all changes in the SAP environment.
• Comprehensive knowledge of the use of OSS to search and resolve issues
• Strong understanding of business issues and can communicate effectively with configuration experts, developers and power users to solve critical business issues

PROFESSIONAL EXPERIENCE:

SAP Security Consultant

Confidential, Fort Washington, PA

• Participated in Project Care which was meant to bring the Finances, A/P and A/R of the Company from all its branches all over the world under one platform within the SAP system. (Global Financial SAP Implementation)
• Reviewed, designed and created new Single, Parent, Derived and Composite roles, deleted and restructure old roles to reflect the needs of the Business Owners in the ECC6 system in such modules as SAP FI, CO, CRM, SD in compliance with SOD
• Designed Firefighter roles, Business roles, background roles and error handling roles (Support Services) in different business areas.
• Worked extensively with SAP FI, CO, ABAP, Basis and BI Consultants both on ground and remotely to make sure that all Finances of the Company from all their branches in the world were brought under one Centralised SAP System leading to maximization of Profit.
• Implemented the use of Change Request Management to manage and keep track of changes from design to testing to final promotion to production system in the entire SAP landscape.
• Responsible for Complete lifecycle from designing, unit testing, and integration testing, user mapping, go-live and post production support within the SAP Security landscape
• Created New User IDs in CUA based on standard naming convention, setting up of new users and assigning new roles to them.
• Responsible for creating new Company Codes and assigning the Codes to different branches of the organization. Secured roles by organizational levels such as Company Codes, Plant, Cost Center, Purchasing Organization etc for different modules.
• Responsible for troubleshooting authorization problems using repository Information System and tracing authorisation using SU53, SU24, SM19, SM20, RSECSDMIN and ST01
• Trained new users to ensure familiarity with the SAP system and transferred knowledge to business owners to ensure proper compliance with SOD in line with Service Level Agreement
• Monitored Progress reports to identify and evaluate user changes, critical authorisation and audit logs related to SAP System and ensured that all sensitive authorisation and transaction codes are properly secured.
• Conducted extensive testing of authorisation in order to meet business expectation.

Independent SAP Security Consultant

Confidential, Brampton, ON

• Providing Comprehensive knowledge transfer activities
• Providing SAP Security and Authorization Training
• Providing SAP Security Consultancy Services for on-going development, support and integration strategies
• Provision of continual improvement of strategies and procedures for Security, User Identity Management and Role development while putting in place restrictions to profiles based on individual departments and job level
• Lead the execution of SAP strategy for technology platforms, partnership and external relationship
• Liaise with clients to gain a thorough understanding of their SAP needs and come up with proactive solutions

SAP Security Consultant

Confidential

• Reviewed, designed, developed and maintained various customized roles, single roles, derived roles and composite roles for HR, FICO, BI/BW, SAP Financials (SEM) for all Jurisdictions of the Bank across the world for the Global Rollout Project
• Owned the responsibility for all authorization issues for HR, BW, SEM and FICO for the bank and all its branches and subsidiaries making sure the problems are resolved within the required standard and time frame
• Provided Comprehensive Knowledge Transfer and Training to off-shore and on-shore resources for the entire security design and maintenance process and responsible for creating step by step documentations on role maintenance, authorization management, user administration and participated in business process design.
• Implemented the integration of the Bank’s new acquisitions and mergers into the SAP Security landscape; making sure the appropriate company codes are created and assigned while authorization are carefully granted to reflect their needs.
• Interfaced with IBM personnel to implement the Tivoli Identity Management System to centralize and synchronize SAP credentials with other applications
• Extensively used PFCG to create and design roles and generate authorization profiles for all the branches of the Bank all over the world while making sure that necessary restrictions are put in place to reflect the needs of different jurisdictions
• Configured the Audit Information System and activated the Security Audit Log and reset Profile Parameters to properly secure the system
• Reviewed and performed the total overhaul of the SAP Security System and worked with Internal and External Auditors to meet the Security Audit Points
• Responsible for the implementation and documentation of all management approved and auditor recommended solutions to the SAP landscape
• Re-evaluated all User Roles, deleted obsolete and duplicated roles and performed general cleanup of the Security Environment while replacing with new roles
• Transported roles and changes to the PRD environment making sure that access to transport management related functions are restricted and the procedure of promoting changes to PRD and getting approval via CCB is properly adhered to
• Produced new Security Administration document detailing the process of requesting, approving, granting, confirming and monitoring user access to SAP systems to reflect workflow changes necessary since the introduction of Tivoli
• Restrict authorization to key transactions and resources like SM59, SU01, SMICM, STRUST etc and table RFCDES after consultation with business owners
• Maintained Structural authorizations to restrict access to organizational objects, data (infotype, subtype) and access mode (read, write etc)
• Utilized BI standard authorization and analysis authorization to restrict access to infoareas, info providers (infocubes, info objects, operational Data source) and queries
• Related general and structural authorization profiles to each other to avoid authorizations being overwritten unintentionally
• Created an administrator’s authorizations for HR Master Data of the employees in the administrator’s area of responsibility

SAP Security Administrator

Confidential

• Upgraded and tested roles and users from SAP version 4.6 to ECC6.0
• Performed extensive user administration: creating, changing, maintaining, deleting user accounts and assigning roles to users as required by end-users to perform their functions effectively
• Updated USOBT C and USOBX C tables and interfaced with functional teams to gather role requirements, created Role Matrices and then utilize Profile Generator (PFCG) to copy, create new and modify existing roles
• Performed transport and mass transport of single, composite, custom and derived roles from Development to QAS and eventually to Production environment, also transport object request to PRD servers using TP (transport control program) or STMS and verifying through transport logs
• Troubleshooting the security related authorization problems and performing periodic SAP role reviews to affirm adherence with security guidelines and policies
• Collaborate with other team members and business representatives to ensure that security settings meet current standard
• Responsible for second and third level support for SAP Security Authorization
• Working knowledge of help desk software for issue tracking and solution
• Performed day to day monitoring of the entire SAP landscape using AL08,SM04, SM51,SUIM and the Security Audit Log using SM20N while also making sure that standard SAP Super Users (SAP*, DDIC ) were set up as system or background users with passwords changed using report RSUSR003 in all the SAP systems
• Secured roles by Company code, Plant, Cost center, Profit center, Purchasing organization etc
• Extensively worked on authorization objects class, authorization objects, fields, values, transaction codes and profiles using PFCG, SU24, SE97, SE95 and SM01
• Strong hand on experience to create custom Authorization Objects (SU21) to restrict authorization in Tables, Transaction codes, and ABAP Programs
• Versed in creating/maintaining Custom Transaction Codes to enforce compliance to security need of a business process
• Actively interface with business process team to gather role requirements for multiple functional areas and then utilize the SAP profile generator to copy, create new and modify existing SAP custom roles and profiles
• Analyzed all business roles and mapped them to transaction code according to business processes
• Work with Business specialists to help them understand what SAP authorization objects are causing conflicts and what options exist for mitigating the conflicts
• Work with functional/process team to refine requirements and develop solutions to application security issues including Sarbanes Oxley Compliance (SOX)
• Utilized the segregation of duty (SOD) system tool to validate user role assignments and to validate modification of roles and profiles
• Ran security reports for critical transactions and objects and for users who never logged on
• Analyzed all customer programs and transaction codes for authority checks

SAP Security Analyst

Confidential

• Participated in the full life cycle implementation of SAP ECC 6.0 and Go- Live
• Comprehensive use of Profile Generator to create and assign roles to end users and did proper documentation of generated roles
• Developed highly efficient system of attaching roles to positions instead of users
• Trouble shoot and find appropriate authorizations needed for roles
• Responsible for creating and maintaining Custom Security roles and authorisation in CRM, HR, FI, CO and BW/BI
• Responsible for creating step by step documentation on role maintenance, authorization management, User administration and participated in business process design
• Tracing authorizations problem with ST01 and checking for missing authorization objects by using SU53 and also utilized SU24 to find out authorization objects related to the transaction code to check and maintain
• Actively interfaced with business process teams to gather role requirements
• Supported a phased roll-out inclusive of end users and project team members while supporting on-going implementation and cut-over activities Created, Managed and Release Change Requests for transports using transaction codes SE01, SE03, SE09 and SE10 and resolved TMS problems (STMS, SE03)
• Strictly adhered to the company’s security policy on privacy and data violation (PIA) through pro-active decision making and configuration of security parameters
• Identified, qualified, quantified and remedied problems in accordance with the company SAP policies/procedures
• Identified, qualified and remedied problems in accordance with the Company SAP policies/procedures
• Closely worked with auditors to adhere to SOX Compliance and made changes to roles, user access and authorisation objects
• Build Role Matrix for creating custom roles for business users as required for CRM Interaction Center Web Client Module
• Strictly adhered to company’s security policy on privacy and data violation (PIA) through pro-active decision making and configuration of security parameters
• Responsible for creating step by step documentation on role maintenance, authorisation management, user administration
• Derived child roles from parent roles using SAP derivation tool and ensuring appropriate restriction and control are built in the authorization
• Performed day to day security administration that includes troubleshooting, password reset, deletion and creation of roles, increase and reduce access, lock and unlock user ids and transport of roles and objects from development all the way to the production environment.
• Derived child roles from parent roles using SAP derivation tool; and ensuring appropriate restriction and control are built in the authorization
• Day-to-day security administration that includes troubleshooting, password reset, deletion and creation of roles, increase and limit access, lock and unlock user ids, transport of development issues through production system

SAP Security Analyst

Confidential

• Extensively worked on authorization objects class, authorization objects, fields, values, transaction codes and profiles using PFCG, SU24, SE97, SE 95 and SM01
• Strong hand on experience to create custom authorization objects (SU21) to restrict authorization in tables, transaction codes and ABAP programs
• Troubleshoot, analysed and trace security and authorization problems using transaction codes SU53, ST01 and SM 19 and interpret trace results
• Developed, designed, created and copy single, derived and customized roles
• Supported project work to identify potential SOD issues
• Managing user login parameters and logon parameters
• Worked with functional team to develop security roles that meets business needs
• Performed User Administration ( creating, changing, deleting user accounts) and update User Master Records

Customer Service Rep-Technical

Confidential

• Troubleshooting Computer and Internet problems
• Helped customers with technical issues with regards to computer configurations, PC hardware and software and resolve issues arising from LAN problems